LDSTechForumProjects

SSO config file for all services

Description

  • Maps the sign-in page into the simulated domain, localhost.lds.org, or port 80 via the sso-sign-in-url containing the same domain as the by-site host and including the last two cctx-mapping declarations routing /admin and /ui to the console port where the sign-in pages actually reside.
  • Maps two applications, /directory and /calendar, hosted on 127.0.0.1 into localhost.lds.org:80.
  • Maps a /missionary service application hosted on 127.0.0.1:8014 into localhost.lds.org:80/missionary.
  • Maps a /annotation service application hosted on 127.0.0.1:8025 into localhost.lds.org:80/annotation.
  • User attributes defined here conform to SSO Injected Headers.
<?xml version="1.0" encoding="UTF-8"?>

<!-- 
    Leverages sso simulator provided login page.
    
    Processing supports aliases with processing instructions of form name=value
    and for each string value read thereafter replaces any occurrence of 
    {{name}} with the specified value in the alias declaration.
-->

<?alias rest-port=1776?>
<?alias console-port={{rest-port}}?>
<?alias http-port=80?>

<!-- 
    Defines the configuration for the sso simulator. The console-port is the
    port on which the console will be found and the rest api resides. The proxy
    port is the port that should be set as the browser's http proxy.
-->
<config proxy-port="{{http-port}}" console-port="{{console-port}}" allow-non-sso-traffic="false" rest-version="CD-OESv1">
    <console-recording sso="true" rest="true" max-entries="100" enable-debug-logging="true"/>
    <sso-cookie name="lds-policy" domain=".lds.org"/>

    <sso-traffic>
        <by-site host="localhost.lds.org" port="{{http-port}}">
       
         <!-- Directory Service -->
         <cctx-mapping cctx="/directory*" thost="127.0.0.1" tport="8080" tpath="/directory*"/>
	 <unenforced cpath="/directory/v1.0-MC/Services"/>
	 <unenforced cpath="/directory/v1.0-MC/Services/rest/lud?*"/>
         <allow action="GET,POST,PUT,DELETE" cpath="/directory/*"/>
         <allow action="GET,POST,PUT,DELETE" cpath="/directory/*?*"/>

         <!-- Calendar Service -->
         <cctx-mapping cctx="/calendar*" thost="127.0.0.1" tport="8080" tpath="/calendar*"/>
	 <unenforced cpath="/calendar/v1.1-MC/Services"/>
	 <unenforced cpath="/calendar/v1.1-MC/Services/rest/luc?*"/>
         <allow action="GET,POST,PUT,DELETE" cpath="/calendar/*"/>
         <allow action="GET,POST,PUT,DELETE" cpath="/calendar/*?*"/>

         <!-- Missionary Service -->
         <cctx-mapping cctx="/missionary*" thost="127.0.0.1" tport="8014" tpath="/missionary*"/>
	 <unenforced cpath="/missionary/v1.0/Services"/>
	 <unenforced cpath="/missionary/v1.0/Services/rest?*"/>
	 <unenforced cpath="/missionary/v1.0/Services/soap/MissionaryService?*"/>
         <allow action="GET,POST,PUT,DELETE" cpath="/missionary/*"/>
         <allow action="GET,POST,PUT,DELETE" cpath="/missionary/*?*"/>


         <!-- Journal Service -->
         <cctx-mapping cctx="/annotation*" thost="127.0.0.1" tport="8025" tpath="/annotation*"/>
	 <unenforced cpath="/annotation/v1.0/Services"/>
	 <unenforced cpath="/annotation/v1.0/Services/rest?*"/> 
         <allow action="GET,POST,PUT,DELETE" cpath="/annotation/*"/>
         <allow action="GET,POST,PUT,DELETE" cpath="/annotation/*?*"/>

          <cctx-mapping cctx="/admin*" thost="127.0.0.1" tport="{{console-port}}" tpath="/admin*"/>
          <unenforced cpath="/admin/*"/>
          <unenforced cpath="/admin/*?*"/>
          <cctx-mapping cctx="/ui/*" thost="127.0.0.1" tport="{{console-port}}" tpath="/ui/*"/>
          <unenforced cpath="/ui/*"/>
          <unenforced cpath="/ui/*?*"/>
        </by-site>
    </sso-traffic>
    <!-- 
        The set of defined users, headers injected per user, and urls allowed 
        by each user url access permissions 
    -->
    <users source="BROKEN!/{username}" session-timeout-seconds="18000">
        <user name="pholder" pwd="password1">
            <sso-header name="policy-ldsbdate" value="1980-03-31"/>
            <sso-header name="policy-ldsemailaddress" value="admin@localhost"/>
            <sso-header name="policy-preferredname" value="Perry Holder"/>
            <sso-header name="policy-sn" value="Holder"/>
            <sso-header name="policy-ldsmrn" value="8800025601091"/>
            <sso-header name="policy-ldsaccountid" value="11"/>
            <sso-header name="policy-ldsunits" value="/7u17701/5u501484/1u790036/"/>
            <sso-header name="policy-ldspositions" value="p4/7u17701/5u501484/1u790036/"/>
            <sso-header name="policy-preferredlanguage" value="en"/>
        </user>
    </users>
</config>
This page was last modified on 31 March 2016, at 15:08.

Note: Content found in this wiki may not always reflect official Church information. See Terms of Use.